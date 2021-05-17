It works by exploiting the fact that DNS resolvers do not perform actual resolution for every query they get, instead they all rely on one or several caches, allowing them to remember the responses they have recently received for a certain time, up to the “TTL” value of the response. So if we can determine that a given domain is in the cache, we know that it was queried at most “TTL” seconds ago.

In this post, I'll walk through the various ways that you might determine if injections are possible, focusing primarily on the most popular NoSQL database, Mongo. From simplest to hardest: [...]

This isn’t a direct quote, so I’ll assume that Khun BREEN said something less wrong. Because the fact of the matter is, that local privilege escalation (LPE) vulnerabilities (and the resulting capabilities) are more numerous than remote code execution (RCE) vulnerabilities for a given system. As a general rule of thumb this is true, although there are doubtless exceptions.

GridGain® Systems, provider of enterprise-grade in-memory computing solutions powered by the Apache® Ignite® distributed database, today discussed the success of the first virtual Ignite Summit, which took place on May 25, 2021. Twenty-five speakers from industry-leading companies including finance, biotech, health & fitness, construction and cloud computing led 15 hours of discussion about how Apache Ignite delivers the performance and scale required to address the world's most challenging computational and hybrid transactional/analytical processing requirements. The global virtual conference had hundreds of participants from North America, Latin America, EMEA and APAC, with an average of five hours of attendance per participant.

Whew! They’re just getting started but after all that, it’s time for a Micro Brew! Not much doesn’t go nicely with a crisp Micro Brew, and Trilio is demonstrating that with their upcoming webinar, Cloud Native Craft Beer Tasting, so you’ve got to love that.

Dear Tumbleweed users and hackers, Today, the weekly review reaches you a little bit late: I was out early yesterday to enjoy the weather. Here, the sun is finally coming out for more than just a few minutes. But, back to the important things that are the openSUSE Tumbleweed snapshots. Namely, we have released 6 snapshots (0603, 0604, 0605, 0606, 0609, and 0610) in the last week.

The writing's been on the wall for a few years, especially after the split from iTunes to "Music" and "TV" apps, and while I tested out Plex a few years back, I never really considered switching to another home media library system, mostly due to laziness.

Since 2008, I've ripped every DVD and Blu-Ray I bought to my Mac, with a collection of SD and HD media totaling around 2 TB today. To make that library accessible, I've always used iTunes and the iTunes Shared Library functionality that—while it still exists today—seems to be on life support, in kind of a "we still support it because the code is there" state.

RapidDisk is an advanced Linux RAM Disk which consists of a collection of modules and an administration tool. Features include: Dynamically allocate RAM as block device. Use them as stand alone disk drives or even map them as caching nodes to slower local disk drives.

Converting virtual machines to FreeBSD Jails took a few hours over a weekend, and since then the quantity of what is running has jumped dramatically. Originally I was running: [...]

I have attempted to consolidate the home lab before, but not with this level of success. There was the time I tried deploying a single-node Kubernetes cluster, which worked for a time until some upgrade caused the software-defined networking to break in a way I wasn’t interested in debugging in my free time. Following that I tried to go “old school” and started spinning up libvirt-based virtual machines which worked well for a long time. The major downside of that approach is that I simply wasn’t able to get much density because of the significant overhead for each virtual machine. At some point you run out of memory to commit to each VM.

One of the most promising BSD-based desktop distributions in recent times has been helloSystem that wants to be the macOS of BSDs with a polished desktop experience. helloSystem has been making good progress towards their goals in recent months and this weekend now issued version 0.5. The helloSystem 0.5 release is powered by FreeBSD 12.2 - they have not yet moved over to the recently launched FreeBSD 13.0. The helloSystem 0.5 release features changes to yield a smaller ISO system, their macOS-inspired desktop has seen various improvements, adding of the MTP Android File Transfer utility, and a lot of other desktop-related enhancements. There are also many fixes like "sudo su" now working. The helloDesktop stack also supports making use of KWin rather than Openbox but the latter remains the default.

Over the past few posts, I covered the hardware I picked up to setup a small LXD cluster and get it all setup at a co-location site near home. I’ve then gone silent for about 6 months, not because anything went wrong but just because of not quite finding the time to come back and complete this story! So let’s pick things up where I left them with the last post and cover the last few bits of the network setup and then go over what happened over the past 6 months.

IBM/Red Hat/Fedora Leftovers VzLinux ISO Download - Another CentOS 8 alternative - Linux Shout Last year RedHat announced the ending of Long term support for CentOS 8, which was really a shock to the Linux community, especially for those relying on it for their server applications. Since then other developers started to compensate for this void by trying to provide the best alternative to CentOS, a leading server OS on cloud and hosting services, free of cost. AlmaLinux and Rocky Linux are the best examples of that. I don’t think taking a U-turn for CentOS was a wise idea because it doesn’t only give birth to two new Redhat Linux clones that can be counted on but also more are underway. And one of them is VzLinux.

Cloud's Trillion Dollars 2030 Potential [Ed: IBMers past and present falling in love with buzzwords] “Thanks in part to cloud, Moderna was able to deliver the first clinical batch of its vaccine candidate (mRNA-1273) to the US National Institute of Health for phase one trials just 42 days after the initial sequencing of the virus,” wrote the authors of a recent McKinsey article, - Cloud’s trillion dollar prize is up for grabs. When the COVID-19 pandemic hit, “The company was well positioned to quickly design research experiments and to harness its automated laboratory and manufacturing processes and enhanced drug-discovery pipeline.” Over the past year, a number of articles have pointed out that, in response to the pandemic, digital adoption by business and consumers has already reached levels that weren’t expected for many years. “More companies are starting to see the real benefits of cloud, which has been long heralded as a catalyst for innovation and digital transformation, thanks to its ability to increase development speed and provide near-limitless scale,” adds the McKinsey article. “While Moderna’s success illustrates the business opportunities that cloud makes possible, it only scratches the surface of the potential value at stake. A detailed review of cloud cost-optimization levers and value-oriented business use cases foresees more than $1 trillion in run-rate EBITDA [an accounting measure of a company’s overall financial performance] across Fortune 500 companies as up for grabs in 2030.”

Rocky Linux 8.4 RC1 Available Now Please note that a release candidate is not suitable for production use. You can report any bugs or issues here. The upgrade from Rocky Linux 8.3 RC1 to Rocky Linux 8.4 RC1 is not supported, meaning it will not be tested nor documented.

Fedora Community Blog: Friday’s Fedora Facts: 2021-23 Here’s your weekly Fedora report. Read what happened this week and what’s coming up. Your contributions are welcome (see the end of the post)! Don’t forget to take the Annual Fedora Survey and claim your badge! I have weekly office hours on Wednesdays in the morning and afternoon (US/Eastern time) in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else. See the upcoming meetings for more information.